Behavioral task
behavioral1
Sample
79979f9c74f039b33a61b1588681e74d1b18bc09f622138faeb112b9dad0ea65_JC.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
79979f9c74f039b33a61b1588681e74d1b18bc09f622138faeb112b9dad0ea65_JC.exe
Resource
win10v2004-20230703-en
General
-
Target
79979f9c74f039b33a61b1588681e74d1b18bc09f622138faeb112b9dad0ea65_JC.exe
-
Size
44KB
-
MD5
0521e4a3c3b66345306c573fd162020d
-
SHA1
418f8ae9c852073d2294d3fbf49b3e1e23608e55
-
SHA256
79979f9c74f039b33a61b1588681e74d1b18bc09f622138faeb112b9dad0ea65
-
SHA512
da9a8d2e0b667b023d2538d9f1c18d4fc2f51c2b816e1f1835fb14ab6139e0eeab86a9e45fb14952f5dbbf706245a58f50ebb2b5edd0548abbdd4507922cd809
-
SSDEEP
384:K9VD6tee+qUOTd2opQTLAdz1SvNmhpdvOjT7PbA6HBiTSnjxZMdP05ldpRMaYIBI:k6Qe+qUv8zcqdvOXA6XkPslJvGaVW
Malware Config
Signatures
-
Smokeloader family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 79979f9c74f039b33a61b1588681e74d1b18bc09f622138faeb112b9dad0ea65_JC.exe
Files
-
79979f9c74f039b33a61b1588681e74d1b18bc09f622138faeb112b9dad0ea65_JC.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 29KB - Virtual size: 29KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE